Method and apparatus for fast secure session establishment on half-duplex point-to-point voice cellular network channels

ABSTRACT

An apparatus ( 213 ) and corresponding methods (FIG.  7 ) to facilitate maintaining crypto synchronization while processing communication signals in a communication unit includes a vocoder ( 215 ) configured to convert input audio band signals to vocoder output frames; a crypto processor ( 217 ) configured to encrypt the vocoder output frames to provide encrypted output frames; and a synchronizer ( 219 ) configured to substitute in a predetermined manner synchronization information corresponding to an encryption state of the crypto processor for a portion of the encrypted data in a portion of the encrypted output frames to provide resultant output synchronization frames suitable for synchronizing a decryption process at a target communication unit.

FIELD OF THE INVENTION

This invention relates in general to communication systems, and morespecifically to schemes for establishing or maintaining cryptosynchronization for secure communications.

BACKGROUND OF THE INVENTION

Communication systems and secure communications in such systems areknown. Typically security is provided using some form of crypto key toencrypt information that is sent from the originator or sending party orunit. The target or receiving party or unit then decrypts thisinformation using the same or a corresponding crypto key to yield theinformation in its original form. To enhance security the crypto key maychange from time to time, for example with every frame. Typically thischange is a deterministic change that depends on the state of theencryption or decryption processes. The originating unit and target unithave to make sure their crypto keys are synchronized or else the targetunit will not be able to successfully decrypt the information. Given thedeterministic nature for the change this is straight forward, except,for example, when a frame or packet is added, such as for example anoverhead packet added by the system, in which case cryptosynchronization may be lost. Known approaches sometimes devote entireframes or packets or other overhead means just to synchronizationinformation, but this tends to waste channel capacity or result in longdelays to re-establish synchronization and thus poor audio quality.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying figures, where like reference numerals refer toidentical or functionally similar elements throughout the separate viewsand which together with the detailed description below are incorporatedin and form part of the specification, serve to further illustratevarious embodiments and to explain various principles and advantages allin accordance with the present invention.

FIG. 1 depicts, in a simplified and representative form, a system leveldiagram of a communications system and two communication units;

FIG. 2 depicts, in a simplified and representative form, acommunications unit suitable for utilizing various embodiments;

FIG. 3 illustrates in a simplified and representative form a blockdiagram for a cryptographic processor suitable for use in thecommunication unit of FIG. 2;

FIG. 4 depicts a sequence of data frames with one frame modified toinclude synchronization information;

FIG. 5 shows an arrangement of normal and modified frames;

FIG. 6 depicts a block diagram demonstrating certain functionality of acrypto synchronizer;

FIG. 7 provides a simplified and exemplary system level functionaldiagram for synchronization management scheme; and

FIG. 8 through FIG. 10 depict various performance information for acrypto-synchronization scheme.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENT

In overview, the present disclosure concerns communications systems thatprovide service to communications units or more specifically userthereof operating therein. More particularly various inventive conceptsand principles embodied in methods and apparatus for maintaining cryptosynchronization between an originator or originating communication unitand a target or target communication unit to facilitate securecommunications are discussed and described.

The term communication device or communication unit may be usedinterchangeably with subscriber unit, wireless subscriber unit, wirelesssubscriber device or the like. The communication devices of particularinterest are those providing or facilitating voice/audio communicationsservices and suitable to employ the concepts and principles furthernoted below that operate over wide area networks (WANs), such asconventional two way systems and devices, various cellular phone systemsincluding analog and digital cellular, CDMA (code division multipleaccess) and variants thereof, GSM, GPRS (General Packet Radio System),2.5G and 3G systems such as UMTS (Universal Mobile TelecommunicationService) systems, Internet Protocol (IP) Wireless Wide Area Networkslike 802.16, 802.20 or Flarion, integrated digital enhanced networks andvariants or evolutions thereof. Furthermore the wireless communicationunits or devices of interest can have short range wirelesscommunications capability normally referred to as WLAN capabilities,such as IEEE 802.11, Bluetooth, or Hiper-Lan and the like preferablyusing CDMA, frequency hopping, OFDM or TDMA access technologies. Thecommunication units may also support direct connections between twocommunication units.

As further discussed below various inventive principles and combinationsthereof are advantageously employed to essentially substitutesynchronization information for normal content in a percentage of dataor voice frames at the originating unit, detect the presence of thisinformation and update the decryption process at the receivingcommunication unit without undue degradation in voice or audible signalsor undue latency in re-establishing synchronization provided theseprinciples or equivalents thereof are utilized.

The instant disclosure is provided to further explain in an enablingfashion the best modes of making and using various embodiments inaccordance with the present invention. The disclosure is further offeredto enhance an understanding and appreciation for the inventiveprinciples and advantages thereof, rather than to limit in any mannerthe invention. The invention is defined solely by the appended claimsincluding any amendments made during the pendency of this applicationand all equivalents of those claims as issued.

It is further understood that the use of relational terms, if any, suchas first and second, top and bottom, and the like are used solely todistinguish one from another entity or action without necessarilyrequiring or implying any actual such relationship or order between suchentities or actions.

Much of the inventive functionality and many of the inventive principlesare best implemented with or in software programs or instructions andgeneral purpose or digital signal processors or other integratedcircuits (ICs) such as application specific. ICs. It is expected thatone of ordinary skill, notwithstanding possibly significant effort andmany design choices motivated by, for example, available time, currenttechnology, and economic considerations, when guided by the concepts andprinciples disclosed herein will be readily capable of generating suchsoftware instructions and programs and ICs with minimal experimentation.Therefore, in the interest of brevity and minimization of any risk ofobscuring the principles and concepts according to the presentinvention, further discussion of such software and ICs, if any, will belimited to the essentials with respect to the principles and concepts ofthe preferred embodiments.

Referring to FIG. 1, a simplified and representative system leveldiagram of a communications system with a multiplicity of communicationunits (three depicted) that can employ secure communications will bediscussed and described. FIG. 1 depicts a communication systeminfrastructure 101 and communication units 103, 105 that are wirelesscommunication units. Communication units 103, 105 can communicate witheach other via the signals or air interfaces 107 that are routed throughthe infrastructure 101 or possibly through a direct connection or airinterface or signal 109. The communications system infrastructure isalso shown with fixed network equipment (FNE) 111, such as a networkswitch, that is further coupled to a wide area network 113, such as thepublic switched telephone network or Internet and via this network to acommunication unit 115. The communication units 103, 105, 115 areadvantageously arranged to engage in secure communication between theunits as well as with a user such as a dispatcher or other operator (notshown) within the FNE 111.

In secure communication, encryption is applied by the transmittingdevice, alternatively called the sending or originating device orOriginator. The receiving device, often called the Target, must applydecryption, which is often the inverse of the encryption performed bythe Originator. One typical scheme for encrypting communication is theuse of an encryption algorithm where the state of the algorithm changeswith each time interval, such as a data frame. As the state changes, anoutput vector changes. The output vector is often combined with trafficor payload information, such as voice data with an exclusive or (XOR)operation where the output of the XOR process or operation is then usedto generate a communication signal for transmission. In order for theTarget to successfully perform decryption, it must know the currentstate of the encryption algorithm and therefore the output vector. Giventhe output vector, it can be combined in an XOR operation with thereceived data. One embodiment of this is further described below withreference to FIG. 3.

During initialization of a communication link, information sufficient toestablish the initial state of the encryption algorithm is exchanged orotherwise provided to the Originator and the Target, where thisinformation is normally provided over a pre-existing secure connection.After the Originator and Target begin exchanging traffic each of therespective encryption or decryption algorithms should progress throughthe same states. If the Originator transmits a certain number of VoiceFrames, the Target should decode the exact same number of Voice Frames.If so, both the Originator and Target will progress through the samenumber of iterations in the encryption algorithm, and so theencryption/decryption process is successful.

However, it is possible for the Originator and Target to “losecrypto-sync,” for example if packets are lost or inserted, for examplein the link from the network to the Target. When that happens, thedecryption algorithm running at the Target does not produce the inverseof the encryption algorithm running at the Originator until crypto-syncis re-established. The result is that random data is recovered and, forexample sent to the vocoder at the Target, resulting in random garblebeing played out as audio. Below we will discuss various advantageousand inventive concepts and principles that will resolve these concernswithout undue latency or changes in typical network infrastructure.

Referring to FIG. 2, a simplified and representative block diagramaccording to various embodiments of a communication unit, such ascommunication unit 105, that is suitable for utilizing variousembodiments of apparatus and methods to facilitate maintenance of cryptosynchronization will be discussed and described. The communication unitincludes a transceiver 201 that supports the interface between thecommunication unit and relevant network. The transceiver may be a radiofrequency transceiver in wireless applications such a unit 105 but maybe some other form of network transceiver for wired applications such asunit 115. In any event the transceiver is generally known, will varywith the interface that is supported, and generally is not furtherrelevant to the remaining discussions.

The transceiver 201 is coupled to a controller and signal processor(hereinafter controller) 203 and the controller 203 is further coupledto a user interface 205. The user interface 205 includes variousgenerally known and widely available entities suitable for effectinginteraction with a user. These entities include, for example, a speakeror earpiece 207, a microphone 209, and a display or visual outputdevice, input device such as keyboard, keypad, joystick, etc. 211 or thelike. The controller 203 is generally responsible for effecting aninteraction between the unit and a user, command and control of thetransceiver and unit, as well as much of any base band signalprocessing.

The controller 203 as shown depicts signal processing functions 213,where the signal processing functions further comprise a vocoder 215, acrypto processor 217, a crypto synchronizer 219, and a channel or voicechannel procedure or process 221, each of which will be described infurther detail below. The controller 203 further comprises a processor223 coupled to a memory 225 and inter coupled to one or more of thesignal processing functions as shown. The processor 223 can be comprisedof one or more general purpose microprocessors or digital signalprocessors, or the like, where such devices are widely available andgenerally known. The specific arrangement is likely to be communicationunit and feature specific and depend on processor capacity that may berequired for a given system and so forth. Note that one or more of theabove noted signal processing functions can be implemented in orassisted or controlled by the processor or portions thereof.

The memory 225 includes software or firmware instructions or routinesthat when executed by the processor result in the processor orcontroller performing the task(s) the controller or processor isresponsible for. The memory also includes data or databases andvariables that may be required to perform its duties. The memoryincludes an operating system, data and variables 227, a receivesynchronization information routine 229, a vocoder frame count forreceive and transmit routine 231, a transmit synchronization informationroutine 233, cryptographic key(s) database and routines 235, as well asvarious other applications, databases, and routines 237, such as userinterface drivers, call processing routines, etc., that will be evidentto one of ordinary skill and that may vary from unit to unit.

The signal processing functions 213 is an apparatus that is arranged andconstructed to facilitate maintaining crypto synchronization whileprocessing communication signals. The apparatus includes the vocoder 215that in a transmit mode is configured to convert input audio bandsignals originating from, for example, the microphone, to vocoder outputframes that in one embodiment are then applied to the crypto processor217. In a receive mode the vocoder is further configured to convertvocoder input frames to output audio band signals that are used to drivethe earpiece 207. Various detailed functions, such as analog to digitaland digital to analog converters, amplifiers, filters, and the like arenot specifically depicted but will be appreciated by one of ordinaryskill to be present. Vocoders are generally known and come in varyingarrangements. One arrangement that will be used to demonstrate byexample the concepts and principles described and taught herein and usedin various embodiments according to the invention is a advancedmulti-band excitation (AMBE+2) vocoder available from Digital VoiceSystems, Inc.

Furthermore, the crypto processor is coupled to the vocoder andconfigured to encrypt the vocoder output frames to provide encryptedoutput frames in a transmit mode and further configured to decrypt inputframes to provide the vocoder input frames in a receive mode. Inoverview in some embodiments the crypto processor encrypts vocoderoutput frames by forming an exclusive OR product of each bit in avocoder output frame with an encryption bit in an encryption vector,where the encryption vector varies with each vocoder output frame, anddecrypts the input frames by forming an exclusive OR product of each bitin an input frame with a decryption bit in a decryption vector, wherethe decryption vector varies with each input frame. This will bedescribed in more detail below with reference to FIG. 3.

The synchronizer or crypto synchronizer 219 is coupled to the cryptoprocessor and configured to substitute in a predetermined mannersynchronization information corresponding to an encryption state of thecrypto processor 217 for a portion (for example 34 out of 99 bits in anAMBE+2 frame) of the encrypted data in a portion (for example 1 of 8 or6 or 4 or 3 of 8 frames) of the encrypted output frames to provideresultant output synchronization frames which are applied to the VCP 221for transmit processing/encoding. The particular count of the outputframes and input frames can be maintained in both the transmit andreceive mode by the vocoder frame count routine 231.

For example in certain embodiments the crypto processor 217 includes astate counter and the synchronizer 219 generates the synchronizationinformation, possibly aided by the processor and transmit syncinformation routine 233, by obtaining a value corresponding to the statecounter contents (for example, 14 least significant bits of a 42 bitstate counter) and calculating and appending a check sum (such as a 20bit Cyclic Redundancy Code) to this value to provide the synchronizationinformation corresponding to each one of the portion of the encryptedoutput frames. In some embodiments, the synchronization information issubstituted for the portion of the encrypted data where the portion isselected to have limited impact on audio quality of resultant outputaudio band signals at the target unit.

In the receive mode, where the vocoder is configured to convert vocoderinput frames to output audio band signals and the crypto processor isarranged to decrypt input frames to provide the vocoder input frames,the synchronizer is further configured to determine whether an inputframe includes corresponding synchronization information and if soupdate a state of the crypto processor using the correspondingsynchronization information. In one embodiment the synchronizer isconfigured to facilitate parsing each input frame from the VCP 221 intoa first part and a second part. After that a check sum corresponding tothe first part is calculated and compared to an embedded check sumwithin the input frame using the processor and receive sync informationroutine 229 as will be appreciated. When the comparison is favorable, itis decided that the first part of the input frame includes thecorresponding synchronization information. When the input frame includesthe synchronization information, the synchronizer so informs the vocoderand the vocoder further processes only the second part of the inputframe to provide a corresponding audio band signal and when the framedoes not include synchronization information the vocoder furtherprocesses the input frame to provide the corresponding audio bandsignal.

Referring to FIG. 3, a simplified and representative block diagram for acryptographic processor suitable for use in the communication unit ofFIG. 2 will be discussed and described. FIG. 3 shows an input frame 301and an output frame 303 where the output frame is comprised of anexclusive OR product formed by the XOR function 305 of the input frameand a vector provided by the vector generator 307. As each bit of theinput frame is presented to the exclusive OR function 305 acorresponding bit of the vector (encryption/decryption vector) providedby vector generator 307 is exclusive OR'd with the input bit to providea corresponding bit of the output frame.

Note that in a transmit mode the input frame can be a vocoder outputframe, while in a receive mode the input frame can be a frame that hasbeen received and decoded according to the VCP 221. So long as thevector that is used at the target communication unit to decrypt a frameis the same as the one used at the originating communication unit toencrypt the same frame the resulting output frame can be useableinformation, whereas if these encryption and decryption vectors aredifferent the output frame may likely be useless. This becomes more ofissue once it is noted that the vector changes for each time interval,typically for each frame.

The vector in one embodiment is the first 99 bits of a 128 bit vectorsupplied by an Advanced Encryption Standard (AES) vector generator 309.AES encryption is known and will not be discussed in detail, other thanto note that the 128 bit vector is a function of a 128 trafficencryption key (TEK) 311 and a 128 bit state vector provided by a statevector generator 313. The TEK is formed by both the origination unit andtarget unit from time to time, for example at the time a call is setupby exchanging information between the units using either a predeterminedsecure link (communication channel with a known but secret key) orlimiting the exchange of information between the units to less than athird party would need to form the TEK. Known methods of doing eitherare available as will be appreciated by one of ordinary skill.

The 128 bit state vector formed by the state vector generator 313 is afunction of the outputs of initialization counter 315 that in oneembodiment is a 42 bit counter. As the state vector is supplied, acounter update 317 is triggered and the initialization counter isincremented. This occurs for example with each interval or new frame.Note that in theory the same thing is occurring at the originator andtarget and thus the system maintains crypto-synchronization, unless apacket is lost or inserted as noted earlier. Crypto synchronization canbe re-established or maintained at the target by loading synchronizationdata 319 provided by the synchronizer. The synchronization data 319 canbe provided to the counter update function 317 or directly to theinitialization counter. In one embodiment this data is the 14 leastsignificant bits from the originators initialization counter as will bediscussed below with reference to FIG. 6.

Referring to FIG. 4, a sequence of data frames with one frame modifiedto include synchronization information will be briefly described anddiscussed. As depicted frames 401-404 are shown with spectral magnitudebits and other voice bits (discussed below) and frames 401, 402, and 404are routed directly to the VCP 221. These frames 401-404 are frames fromthe vocoder, e.g. vocoder output frames or encrypted versions thereoffrom the crypto processor 217. Frame 403, unlike the other three ismodified by the crypto synchronizer by replacing the spectral magnitudebits with synchronization information or synchronization managementcontent 405 while keeping the other voice bits. The resultant frame isrouted to the VCP 221. FIG. 4 shows one exemplary embodiment based onobservations when an AMBE+2 vocoder is used. Other vocoders will likelyyield different but analogous approaches; where generally certaininformation from the vocoder, for example, may have limited impact onparameters such as voice quality. When these bits or locations oflimited impact are determined these locations can be used to carry synchmanagement or synchronization information.

In the exemplary AMBE+2 vocoder, each Voice Frame consists of 99 bits,41 of which are “spectral magnitude bits.” During speech reconstruction,these 41 bits are translated into a code book index value, and eachindex value represents a codeword vector. These codeword vectorsrepresent the spectral magnitude error associated with the encodingprocess and are added back on during decoding to account for this error.In effect these 41 bits describe the spectral magnitude quantizationerror and are the least perceptually important bits required duringspeech reconstruction. With the 4400 bps AMBE+2 vocoder, there is anoption available during speech reconstruction, i.e. the 41 spectralmagnitude bits can be ignored during reconstruction. That is, thesoftware for the vocoder simply does not execute certain parts of thecode, e.g. the parts related to using those bits. Such a Voice Frame maybe referred to alternately as modified, stuffed, or synch managementframe or the like when the synchronization information is included withthe frame. Note that a stuffed Voice Frame is entirely different from aVoice Frame with channel errors in the 41 spectral magnitude bits. IfVoice Frames are stuffed occasionally, for example 1 of 8 or 1 of 6,etc., there is not much effect on audio quality as will be discussedbelow with reference to FIG. 8.

Referring to FIG. 5 an exemplary arrangement of normal and modifiedframes will be reviewed and discussed. It is noted that the particulararrangement will depend on the vocoder as well as VCP organization, etc.for a particular system. In one system, namely an integrated digitalenhanced network system available from Motorola, Inc., the AMBE+2vocoder is used and a VCP frame is 90 ms. The VCP frame includes four22.5 ms Voice Frames. Each Voice Frame consists of 99 bits, and each VCPframe may transmit four Voice Frames, or 396 voice bits. Tasks such asreordering of vocoder bits based on importance, Forward Error Correction(FEC), Cyclic Redundancy Check (CRC) coding, and time interleaving areperformed on the bits within one complete VCP frame. FIG. 5 shows 6 VCPframes, VCP1-VCP6, each 90 ms in duration and each including 4 voiceframes 503. Every other VCP frame includes one sync management frame505, e.g. 1 of 8 voice frames is modified or stuffed.

Referring to FIG. 6, a block diagram demonstrating certain functionalityof the crypto synchronizer 219 will be discussed and described. FIG. 6shows 14 bits 601 that are the least significant bits of the 42 bitstate initialization counter 315 discussed with reference to FIG. 3. A20 bit CRC is formed by CRC function 603 (for example the TX syncinformation routine 233 may be utilized) from these 14 bits. This 20 bitCRC, the original 14 bits, are combined or merged along with 7 sparebits 605 to form a 41 bit block of synchronization information or syncmanagement information that is inserted into appropriate voice frames (1of 8 voice frames, for example) in lieu of the spectral magnitude bits.Thus the crypto synchronizer 219 in the transmit mode keeps track of theframe count and every 8 frames calculates and inserts the correspondingsynchronization information as will be further discussed with referenceto FIG. 7.

Referring to FIG. 7, a simplified and exemplary system level functionaldiagram for a synchronization management scheme will be described anddiscussed. FIG. 7 generally shows the processes 701-707 that are beingundertaken in the originating unit's signal processing function, thechannel 709 indicating transport, and then the processes 711-723 in thetarget communication unit's signal processing function. As an overviewthe method of facilitating crypto synchronization for securecommunication that is practiced at the originator generally includesproviding synchronization information that is suitable to synchronize adecrypting process at a target communication unit and then substitutingin a predetermined manner, such as noted above, this synchronizationinformation for a portion of the information or payload that wouldotherwise have been sent to the target unit.

More specifically an audio band signal 706, such as voice is applied toa vocoder 701 that generates communication data, e.g. a vocoder frame ora series or sequence of vocoder frames that in one embodiment as notedabove are 99 bits long. This communication data or vocoder frames arethen encrypted using the XOR encrypting process 703, such as theapparatus described with reference to FIG. 3 to provide encryptedcommunication data or encrypted vocoder output frames. These frames asencrypted are applied to the process at 705 implemented, for example, inthe crypto synchronizer. If the frame count indicates that this shouldbe a modified frame, e.g. stuffed frame, then synchronizationinformation is provided or generated where the synchronizationinformation comprises state information for the encryption process aswell as a check sum corresponding to the state information. Specificallyfor example, the corresponding 14 least significant bits from theinitialization counter are obtained and a 20 bit CRC is calculated. Thusthe synchronization information that is provided comprisessynchronization information corresponding to a state of the encryptionprocess. The resultant block of synchronization information is suitableto synchronize a decrypting process at a target communication unit. Thesynchronization information that is provided is suitable for detectingthe synchronization information or presence thereof (detect the CRC) atthe target communication unit.

This information is substituted in a predetermined manner for a portionof the encrypted communication data, e.g. 41 bits of spectral magnitudedata in the corresponding frame to provide resultant data to route tothe VCP for encoding 707 to be sent to the target communication unit.Note that the substituting in a predetermined manner comprises insertingthe synchronization information into the vocoder frame as encrypted inlieu of a portion of the vocoder frame. Given the sequence or series ofvocoder frames, the inserting the synchronization information comprisesinserting the synchronization information in a predetermined portion ofthe series of vocoder frames, such as 1 of 8 or 1 of 6, etc.

In summary a series of vocoder data frames is provided from the vocoderand these vocoder data frames are encrypted with the encrypting process.Synchronization information is provided that corresponds to stateinformation for the encryption process and a check sum corresponding tothe state information. The state information is changing as a functionof a location of a vocoder data frame within the series of vocoder dataframes. This synchronization information is substituted in apredetermined manner by inserting in each of a predetermined portion (41spectral magnitude bits) of the vocoder data frames the stateinformation and the check sum corresponding to each of the predeterminedportion (1 of 8, etc.) of the vocoder data frames.

After transport over the channel 709 the target unit implements a methodof facilitating crypto synchronization for secure communication via theprocesses indicated by 711-723. Generally a frame of communication data,e.g. a 99 bit frame is obtained from the VCP decoding process 711. Thenit is determined whether a portion of the frame includes synchronizationinformation 713 using for example the crypto synchronizer at the targetunit. This is done by checking a CRC corresponding to the 41 bits andwhen the frame includes synchronization information (CRC checks), thesynchronization information is used to update a decryption process 715,721 thereby facilitating crypto synchronization. The functions at 713,715 are the responsibility of the crypto synchronizer at the targetunit.

More specifically the determining whether a portion of the frameincludes synchronization information comprises parsing the frame ofcommunication data into a first part, e.g. the 41 bits, and a secondpart or remaining voice bits; calculating a check sum corresponding tothe first part, e.g. based on the 14 bits and comparing the check sum toan embedded check sum, e.g. the CRC calculated and added at theoriginator, within the frame of communication data; and then only whenthe comparison is favorable, e.g. calculated check sum or CRC equalsembedded check sum or CRC, deciding that the first part of the frame ofcommunication data includes the synchronization information. As notedearlier the synchronization information comprises state informationcorresponding to a state machine at the originator and thuscorresponding to a state machine or state of the state machine thatshould be used in the decryption process.

AT 715 it is noted that when the CRC checks the decryption state machineis updated 717, e.g. using the 14 bits as discussed with reference toFIG. 3 and an indication 719 is passed to the vocoder 723 where theindication signals the vocoder that only the remaining voice bits(99−41=58) should be processed. Thus when the frame includessynchronization information the synchronization information is used toupdate the state machine. The frame of communication data is decryptedusing the decryption process as updated and then only the frame less theportion of the frame with the synchronization information is furtherprocessed by the vocoder 723 to provide user information or output audioband signals and when the frame does not include synchronizationinformation the entire 99 bit frame is further processed to provide theuser information.

Referring to FIG. 8 through FIG. 10 various performance information/datafor a crypto-synchronization management scheme will be discussed anddescribed. FIG. 8 shows a table comparing a rate of frame stuffing 801with corresponding percentage of frames that are modified 803 withperceptions of the impact on audio quality 805 for an AMBE+2 vocoder.Note that for 1 of 6 or 1 of 8 rates of frame modification there islittle perceived reduction in audio quality.

FIG. 9 shows average time 901 to re-establish crypto synchronization asa function of carrier to interference levels 903 on the channel when 1of 4 905, 1 of 6 907, and 1 of 8 909 frames are stuffed withsynchronization information. The re-establishment is a function ofcarrier to interference levels as well as frequency of sending thesynchronization information.

FIG. 10 depicts a 90 percentile value of time 1001 to re-establishcrypto synchronization as a function of carrier to interference levels903 on the channel when 1 of 4 1005, 1 of 6 1007, and 1 of 8 1009 framesare stuffed with synchronization information. The 90 percentile value oftime for re-establishment is as expected a function of carrier tointerference levels as well as frequency of sending the synchronizationinformation. Generally from this data it is expected that a rate of ⅛for modified frames should provide reasonable performance results.

The processes, apparatus, and systems, discussed above, and theinventive principles thereof are intended to and will alleviateproblems, such as undue latency channel overhead or degradation of voicequality, caused by prior art synchronization management techniques.Using these principles of substituting synchronization information forbits from a vocoder that are less important from time to time, whenpossible and this depends on particulars of the specific vocoder, willavoid any infrastructure changes, and provide a high quality, lowlatency, and low overhead method of crypto synchronization.

This disclosure is intended to explain how to fashion and use variousembodiments in accordance with the invention rather than to limit thetrue, intended, and fair scope and spirit thereof. The foregoingdescription is not intended to be exhaustive or to limit the inventionto the precise form disclosed. Modifications or variations are possiblein light of the above teachings. The embodiment(s) was chosen anddescribed to provide the best illustration of the principles of theinvention and its practical application, and to enable one of ordinaryskill in the art to utilize the invention in various embodiments andwith various modifications as are suited to the particular usecontemplated. All such modifications and variations are within the scopeof the invention as determined by the appended claims, as may be amendedduring the pendency of this application for patent, and all equivalentsthereof, when interpreted in accordance with the breadth to which theyare fairly, legally, and equitably entitled.

1. A secure device, comprising: a vocoder configured to generate voicepackets from a voice signal; a memory configured to store a previouslyestablished security association from a first session between the securedevice and another secure device, wherein the stored securityassociation comprises an encryption key and a first state vector,wherein the stored security association is adapted to be used during asecond session between the secure device and the other secure device; avector generator configured to generate an updated state vector; and anencryption engine configured to use the cached security association andthe updated state vector to encrypt the voice packets.
 2. The device ofclaim 1, further comprising: a modem configured to format the encryptedvoice packets to fit within a half-duplex PTT voice channel; and a firsttransceiver configured to transmit the formatted voice packets.
 3. Thedevice of claim 2, wherein the updated state vector comprises asynchronization message, and wherein the vector generator, comprises: asynchronization message generator configured to generate thesynchronization message for maintaining secure call synchronization, andwherein the modem further comprises: a synchronization message insertionunit configured to replace at least part of at least one of theencrypted voice packets of an encrypted voice frame being sent from theencryption engine with the synchronization message.
 4. The device ofclaim 2, wherein the encrypted voice packets being replaced by thesynchronization message comprise encrypted voice packets that includethe least significant bits of the encrypted voice frame, and wherein theencrypted voice packets and synchronization messages are formatted tofit within the half-duplex PTT voice channel.
 5. The device of claim 1,wherein the encryption engine, comprises: an encryption engineconfigured to use the encryption key and the updated state vector toencrypt the voice packets.
 6. The device of claim 2, wherein the firsttransceiver is configured to transmit the formatted and encrypted voicepackets and the synchronization message to the second transceiver overthe half-duplex PTT voice channel.
 7. The device of claim 1, wherein thesecure device further comprises: a secure PTT call phone book directory,wherein an asymmetric key exchange is initiated in advance of a securePTT call when a client number/identifier of the other secure device isentered in the secure PTT call phone book directory.
 8. The device ofclaim 1, wherein the secure device further comprises: an address book,wherein an asymmetric key exchange is initiated in advance of a secondsecure PTT call when the secure device selects the other secure devicelisted in the address book and designates the other secure device asbeing authorized for secure PTT calls, and wherein the secure device isadapted to call the other secure device while the secure device is idleto establish the security association via the asymmetric key exchangebefore initiating the second secure PTT call.
 9. A secure device,comprising: a transceiver configured to receive a voice frame comprisingencrypted/formatted voice packets and an updated state vector; a memoryfor storing a previously established security association from a firstsession between the secure device and another secure device, wherein thecached security association comprises the encryption key and the firststate vector and wherein the stored security association can be usedduring a second session between the secure device and the other securedevice; and a decryption engine configured to use the cached securityassociation and the updated state vector to decrypt the encrypted voicepackets received from the first transceiver.
 10. The device of claim 9,wherein the updated state vector comprises a synchronization message,wherein the decryption engine uses the synchronization message toinitialize cryptographic synchronization at the start of the firstsecure voice frame to thereby compensate for any voice packets lost orgained during transmission.
 11. The device of claim 10, wherein thedecryption engine is configured to use the encryption key and thesynchronization message to decrypt the encrypted/formatted voice packetsreceived by the transceiver.
 12. A secure wireless Push-to-Talk (PTT)dispatch system, comprising: a first device, comprising: a first memoryfor storing a previously established security association from a firstsession between the first device and a second device, wherein the storedsecurity association comprises an encryption key and a first statevector, wherein the stored security association is adapted for useduring a second session between the first device and the second device;a vocoder configured to generate voice packets from a voice inputsignal; a vector generator configured to generate an updated statevector; and an encryption engine configured to use the cached securityassociation and the updated state vector to encrypt the voice packets.13. The system of claim 12, wherein the first device comprises: a modemconfigured to format the encrypted voice packets to fit withinhalf-duplex PTT voice channel; and a first transceiver configured totransmit the formatted voice packets.
 14. The system of claim 13,wherein the second device comprises: a second transceiver configured toreceive the formatted voice packets; a second memory configured to storethe security association for use during a second session between thesecond device and the first device; and a decryption engine configuredto use the cached security association to decrypt the formatted voicepackets received from the first transceiver.
 15. The system of claim 13,wherein the updated state vector comprises a synchronization message,and wherein the vector generator, comprises: a synchronization messagegenerator configured to generate the synchronization message formaintaining secure call synchronization, and wherein the modem furthercomprises: a synchronization message insertion unit configured toreplace at least part of at least one of the encrypted voice packets ofan encrypted voice frame being sent from the encryption engine with thesynchronization message.
 16. A secure communication method for acommunication system comprising a first device which communicates with asecond device over a channel, comprising: establishing, responsive to afirst secure call request from the first device, a security associationduring a first session between the devices via an asymmetric keyexchange, wherein the security association comprises an encryption keyand a first state vector; storing the security association in each ofthe devices for use during a second session between the devices toexpedite security association establishment during call set-up of thesecond session; generating an updated state vector at the first device;and establishing, responsive to a second secure call request from thefirst device, a second session between the first device in the seconddevice by using the encryption key from the first session and theupdated state vector to establish the second session during call set-upof the second session.
 17. The method of claim 16, storing the securityassociation in each of the devices for use during a second sessionbetween the devices to expedite security association establishmentduring call set-up of the second session, comprises: caching theencryption keys in each of the devices for use during a second sessionbetween the devices.
 18. The method of claim 16, further comprising:using the security association to encrypt voice packets being sent fromthe first device to the second device.
 19. The method of claim 18,further comprising: using the security association to decrypt voicepackets received by the second device from the first device.